 <?php 


$username = $_POST['username'];
$password = $_POST['password'];

//$username = "trang";
//$password = "trangsf";
include("opendb.php");
include("functions.php");
$res = isValidUser($username,$password);
if($res!=1) {
echo "0";
exit;
}

$listingid = $_POST['listing_id'];
//$listingid = 282815;

$query = "select * from Users where Username='".$username."'";
$result = mysql_query($query) or die ("SQL Error".mysql_error());
$row=mysql_fetch_assoc($result);
$userid = $row['ID'];



		$lquery = "select * from PROPERTIES p inner join Prop_Owner_Con c on p.OID = c.Prop_OID where p.OID='".$listingid."' and c.Owner = '".$userid."'";
		$lresult = mysql_query($lquery) or die ("SQL Error".mysql_error());
		$listing_row=mysql_fetch_assoc($lresult);
		if (mysql_num_rows($lresult) === 0)
		{
			echo "101";
			exit;
		}
		
		
			 $query = "select * from Listing_Areas where Listing_ID = '".$listingid."' and Type = 'IMAGE' group by Name";
			$result = mysql_query($query) or die ("SQL Error".mysql_error());
			$xmlout= getXML($result);
			echo $xmlout;
?>